• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.9-19
• /
• 2022

As the expansion of digital transformation, we are more exposed to the threat of cyber attacks, and many institution or company is operating a signature-based intrusion prevention system at the forefront of the network to prevent the inflow of attacks. However, in order to provide appropriate services to the related ICT system, strict blocking rules cannot be applied, causing many false events and lowering operational efficiency. Therefore, many research projects using artificial intelligence are being performed to improve attack detection accuracy. Most researches were performed using a specific research data set which cannot be seen in real network, so it was impossible to use in the actual system. In this paper, we propose a technique for classifying major attack keywords in the security event log collected from the actual system, assigning a weight to each key keyword, and then performing a similarity check using TF-IDF to determine whether an actual attack has occurred.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.143-150
• /
• 2023

Applications on physically unclonable circuits (PUFs) for implementing and utilizing security protocols with hardware is on the rise. PUFs have the capability to perform functions such as authentication, prevention of replication, and secure storage of critical information in integrated circuits and security systems. Through the implementation of physically unclonable circuits, a wide range of security features, including confidentiality, integrity, and availability, can be applied. Therefore, PUFs are promising candidate to build secure integrated circuits and hardware systems. However, in order that PUFs possess security features, PUFs should possess characteristics such as unpredictability, uniqueness, and robustness characteristics. This study provides a detailed explanation and introduction of the methods to characterize the PUF properties. By applying the results, it becomes possible to quantitatively evaluate the characteristics of implemented PUFs and assess their availabilities for security system applications.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.21-26
• /
• 2024

The security model in the previous network environment has a vulnerability in which resource access control for trusted users is not properly achieved using the Perimeter model based on trust. The Zero Trust is an absolute principle to assume that the users and devices accessing internal data have nothing to trust. Applying the Zero Trust principle is very successful in reducing the attack surface of an organization, and by using the Zero Trust, it is possible to minimize damage when an attack occurs by limiting the intrusion to one small area through segmentation. ZTNA is a major technology that enables organizations to implement Zero Trust security, and similar to Software Defined Boundary (SDP), ZTNA hides most of its infrastructure and services, establishing one-to-one encrypted connections between devices and the resources they need. In this study, we review the functions and requirements that become the principles of the ZTNA architecture, and also study the security requirements and additional considerations according to the construction and operation of the ZTNA solution.

• Journal of the Korean Institute of Electrical and Electronic Material Engineers
• /
• v.37 no.4
• /
• pp.374-381
• /
• 2024

This paper delves into the application of the short-wave infrared (SWIR) region, with a focus on the synthesis and optical characteristics of silver sulfide (Ag₂S) nanostructures. SWIR offers advantages such as reduced damage to biological tissues and enhanced optical transparency, making it valuable across various domains. The study introduces three distinct synthesis methods, each showcasing the ability to obtain nanostructures with improved optical properties. These research findings open up the possibility of providing tailored solutions in detection, imaging, and other applications by controlling the size and ligands of Ag₂S nanoparticles. This paper provides new insights into the utilization of Ag₂S in the SWIR region, which is expected to foster advancements in future technologies.

• Journal of the Society of Disaster Information
• /
• v.17 no.4
• /
• pp.897-903
• /
• 2021

Purpose: Recently, ransomware damage that encrypts victim's data through hacking and demands money in exchange for releasing it is increasing domestically and internationally. Accordingly, research and development on various response technologies and solutions are in progress. Method: A secure storage area and a general storage area were created in the same virtual environment, and the sample data was saved by registering the access process. In order to check whether the stored sample data is infringed, the ransomware sample was executed and the hash function of the sample data was checked to see if it was infringed. The access control performance checked whether the sample data was accessed through the same name and storage location as the registered access process. Result: As a result of the experiment, the sample data in the secure storage area maintained data integrity from ransomware and unauthorized processes. Conclusion: Through this study, the creation of a secure storage area and the whitelist-based access control method are evaluated as suitable as a method to protect important data, and it is possible to provide a more secure computing environment through future technology scalability and convergence with existing solutions.

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.149-158
• /
• 2013

Despite the rapid growth of digital signage market with diffusion of digital media, there has been little case study in digital signage research area. More specifically, this case study of Intellian Systems, one of the leading digital signage companies, reveals how it made the successful growth by developing signage technology and its service in such a market. This study also describes how Intellian Systems strengthen and extend their digital signage business. By introducing Intellian Systems and its technology with service, this study provides some practical implications for firms which are relevant to using digital signage in Korea. In particular, we found that IT manpower who has specialized knowledge, excellent components of technologies and IT solutions as well as strategic alliance with a variety of partners as critical success factors in order to gain competitive advantages in digital signage industry.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.11
• /
• pp.1524-1530
• /
• 2018

In this paper, we designed a product that can prevent environmental pollution, waste of resources, and leakage of foreign currency by commercializing a green IT solution by merging a used smart phone with the IoT object communication technology for the first time in the world. For the experiment of the designed system, various performance and communication condition was experimented by installing it in the actual crop cultivation facility. As a result, when a problem occurs, the alarm sound and video notification are generated by the user's smart phone, and remote control of various installed devices and data analysis in real time are possible. In this study, it is thought that the terminal management board developed for the utilization of the used smart phone can be applied to various fields such as agriculture and environment.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.9
• /
• pp.464-472
• /
• 2017

In the ICT (Information and Communication Technology) convergence security environment, a lot of companies use an external public web system for the external disclosure and sharing of product information, manufacturing technology, service manualsand marketing materials. In this way, the web system disclosed on the Internet is an important aspect of cyber security management and has an always-on vulnerability requiringan information protection solution and IT vulnerability checks. However, there are limits to vulnerability detection management in anexternal environment. In this study, in order to solvethese problems, we constructed a system based on digital forensics and conducted an empirical study on the detection of important information in enterprises by using forensic techniques. It was found thatdue to the vulnerability of web systems operated in Korea and overseas, important information could be revealed,such as the companies' confidential data and security management improvements. In conclusion, if a system using digital forensic techniques is applied in response to theincreasing number of hacking incidents, the security management of vulnerable areas will be strengthened and the cyber security management system will be improved.

• Journal of Industrial Convergence
• /
• v.21 no.12
• /
• pp.37-43
• /
• 2023

In today's business landscape, collaboration and interoperability are crucial for organizational success and profitability. However, integrating operations across multiple organizations is challenging due to differing roles and policies in Identity and Access Management (IAM). User-centric identity (UCI) adopts a personalized approach to digital identity management, centering on the end-user for authentication and access control. It provides a decentralized system that ensures secure and customized access for each user. UCI aims to address complex security challenges by aligning access privileges with individual user requirements. This research delves into UCI's ability to streamline resource access amidst conflicting IAM roles and protocols across various organizations. The study presents a UCI-based multi-domain access control (MDAC) framework, which encompasses an ontology, a unified method for articulating access roles and policies across domains, and software services melding with UCI infrastructure. The goal is to enhance organizational resource management and decision-making by offering clear guidelines on access roles and policy management across diverse domains, ultimately boosting companies' return on investment.

• Convergence Security Journal
• /
• v.23 no.2
• /
• pp.27-36
• /
• 2023

In recent years, ransomware attacks have become more organized and specialized, with the sophistication of attacks targeting specific individuals or organizations using tactics such as social engineering, spear phishing, and even machine learning, some operating as business models. In order to effectively respond to this, various researches and solutions are being developed and operated to detect and prevent attacks before they cause serious damage. In particular, honeypots can be used to minimize the risk of attack on IT systems and networks, as well as act as an early warning and advanced security monitoring tool, but in cases where ransomware does not have priority access to the decoy file, or bypasses it completely. has a disadvantage that effective ransomware response is limited. In this paper, this honeypot is optimized for the user environment to create a reliable real-time dynamic honeypot file, minimizing the possibility of an attacker bypassing the honeypot, and increasing the detection rate by preventing the attacker from recognizing that it is a honeypot file. To this end, four models, including a basic data collection model for dynamic honeypot generation, were designed (basic data collection model / user-defined model / sample statistical model / experience accumulation model), and their validity was verified.